Matrix Channel Fix

Security checks across malware telemetry and agentic risk

Overview

This Matrix troubleshooting skill is not clearly malicious, but it gives high-impact reset and room-leaving instructions without enough safeguards.

Install only if you are intentionally repairing an OpenClaw Matrix integration and can tolerate downtime. Before using it, back up Matrix config and account state, avoid putting passwords directly in shell history when possible, confirm the homeserver and bot account, and review each room ID before any leave-room operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs users to delete all Matrix account state under ~/.openclaw/matrix/accounts/* as a troubleshooting step, but it does not warn that this is destructive, may remove local session/device state, and will likely require re-authentication or re-pairing. In an operational environment, users may run it blindly and cause avoidable service disruption or loss of local encryption/session data.

Missing User Warnings

Medium
Confidence: 89%
Finding
The full reset section removes Matrix configuration and then recreates it, but it gives no warning about downtime, credential loss, or the risk of misconfiguration during recovery. Operators following these steps may unintentionally disable the channel or overwrite working settings without a backup.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill documents a bulk remote operation to leave rooms via the Matrix API without warning that this can disconnect the bot from multiple rooms and may be difficult to reverse operationally. Because it authenticates and performs state-changing API calls, misuse could cause broad loss of service coverage or accidental disengagement from production rooms.

VirusTotal

66/66 vendors flagged this skill as clean.